Description

guido+pwm@1: guido+pwm@1: guido+pwm@1: guido+pwm@1: guido+pwm@1: guido+pwm@1: guido+pwm@1: Guido guido+pwm@1: Berhoerster guido+pwm@1: guido+pwm@1: guido+pwm@berhoerster.name guido+pwm@1: guido+pwm@1: guido+pwm@23: 17 September, 2017 guido+pwm@1: guido+pwm@1: guido+pwm@1: pwm guido+pwm@1: 1 guido+pwm@1: guido+pwm@1: guido+pwm@1: User Commands guido+pwm@1: guido+pwm@1: guido+pwm@1: pwm guido+pwm@1: password manager guido+pwm@1: guido+pwm@1: guido+pwm@1: guido+pwm@1: pwm guido+pwm@1: guido+pwm@1: guido+pwm@1: password_file guido+pwm@1: guido+pwm@1: guido+pwm@23: guido+pwm@23: guido+pwm@23: guido+pwm@1: database_file guido+pwm@1: guido+pwm@1: guido+pwm@1: guido+pwm@1: guido+pwm@1: Description guido+pwm@1: The pwm utility is a password manager which guido+pwm@1: stores passwords and associated metadata in an encrypted database protected guido+pwm@1: by a master password. It offers both a text-based user interface for guido+pwm@1: interactive use as well as a non-interactive mode. The database uses the guido+pwm@1: PasswordSafe database version 3 file format and thus provides guido+pwm@1: interoperabity with other password managers using the same format. guido+pwm@1: After opening an existing database or creating a new one, guido+pwm@1: pwm provides commands to create, modify, delete, and guido+pwm@1: display password database entries which may be organized in groups. The guido+pwm@1: contents of a field of a given entry can also be piped to an external guido+pwm@26: command such as the pwm-clip guido+pwm@26: 1 utility in order to copy the guido+pwm@26: content of the username or password field of an entry to the guido+pwm@26: clipboard. guido+pwm@1: If specified, pwm will open or create guido+pwm@1: database_file instead of the user's default guido+pwm@1: database. guido+pwm@1: pwm must be run with a locale which uses the UTF-8 guido+pwm@1: character encoding. guido+pwm@1: guido+pwm@1: Output format guido+pwm@10: The show and info commands guido+pwm@10: display fields by printing the field name followed by a colon, one or guido+pwm@10: more space characters and the field's verbatim content to the standard guido+pwm@10: output stream. Field content may contain newlines, non-printable and/or guido+pwm@10: control characters. guido+pwm@17: If running in interactive mode, the list, guido+pwm@17: show and info will display guido+pwm@17: the results on a page-by-page basis using an internal pager. guido+pwm@1: The pipe prints the verbatim field content to the guido+pwm@1: standard input stream of the given command. guido+pwm@1: Error messages are printed to the standard error stream. guido+pwm@1: guido+pwm@1: guido+pwm@1: guido+pwm@1: Options guido+pwm@1: The following options are supported: guido+pwm@1: guido+pwm@1: guido+pwm@1: guido+pwm@1: guido+pwm@1: password_file guido+pwm@1: guido+pwm@1: guido+pwm@1: Read the master password from the first line of guido+pwm@1: password_file. guido+pwm@1: guido+pwm@1: guido+pwm@23: guido+pwm@23: guido+pwm@23: guido+pwm@23: guido+pwm@23: guido+pwm@23: Treat the database as read-only and disallow any modifications guido+pwm@23: and write operations. guido+pwm@23: guido+pwm@23: guido+pwm@1: guido+pwm@1: guido+pwm@1: guido+pwm@1: Usage guido+pwm@1: If stdin is connected to a terminal pwm will run in interactive mode guido+pwm@1: and prompt the user for the master password unless guido+pwm@1: password_file is specified via the guido+pwm@1: option. After successfully opening the password guido+pwm@1: database the user will be prompted for a command. guido+pwm@1: When running in non-interactive mode a file containing the master guido+pwm@1: pasword must be specified via the option and after guido+pwm@1: successfully opening the password database, pwm will execute commands read guido+pwm@1: from stdin until either an error occurrs or end-of-file is reached. guido+pwm@1: pwm operates on a copy of the password database guido+pwm@1: in memory, any changes must be explicitly written back to the database guido+pwm@1: using the write command. guido+pwm@1: guido+pwm@1: IDs guido+pwm@1: Database entries are referred to by an ID value which is a guido+pwm@1: positive integer value that is guaranteed to be unqiue during the run guido+pwm@1: time of the pwm utility. guido+pwm@1: guido+pwm@1: guido+pwm@1: Fields guido+pwm@10: The following entry fields are supported: guido+pwm@10: guido+pwm@10: Fields and their identifiers guido+pwm@10: guido+pwm@10: guido+pwm@10: guido+pwm@10: Field guido+pwm@10: Field Identifier guido+pwm@10: guido+pwm@10: guido+pwm@10: guido+pwm@10: guido+pwm@10: Group guido+pwm@10: group guido+pwm@10: guido+pwm@10: guido+pwm@10: Title guido+pwm@10: title guido+pwm@10: guido+pwm@10: guido+pwm@10: Username guido+pwm@10: username guido+pwm@10: guido+pwm@10: guido+pwm@10: Password guido+pwm@10: password guido+pwm@10: guido+pwm@10: guido+pwm@10: Notes guido+pwm@10: notes guido+pwm@10: guido+pwm@10: guido+pwm@10: URL guido+pwm@10: url guido+pwm@10: guido+pwm@10: guido+pwm@10: Creation Time guido+pwm@10: ctime guido+pwm@10: guido+pwm@10: guido+pwm@10: Modification Time guido+pwm@10: mtime guido+pwm@10: guido+pwm@10: guido+pwm@10: guido+pwm@10:

guido+pwm@1: Other, existing fields specified by the PasswordSafe file format guido+pwm@1: will be preserved but cannot be displayed or modified. guido+pwm@1: guido+pwm@1: guido+pwm@1: Commands guido+pwm@1: Each command must appear on a seperate line terminated by a newline guido+pwm@1: character. The command and its arguments are seperated by whitespace, guido+pwm@1: i.e. one or more space or tab characters. If an argument contains guido+pwm@1: whitespace characters it must either be quoted by encosing it in single guido+pwm@1: or double quote characters or each whitespace character must be preceded guido+pwm@1: by a backslash character. Arguments quoted with a single or double quote guido+pwm@1: character preserve the literal values of all characters with the guido+pwm@1: exception of the backslash character which can be used to escape the guido+pwm@1: respective quoting character. Two consecutive backslash characters yield guido+pwm@1: a literal backslash within both quoted and unquoted arguments. A line guido+pwm@1: must not end in a single backslash character, any other backslash guido+pwm@1: characters are ignored. guido+pwm@1: If an error occurrs while parsing or executing a command, guido+pwm@1: pwm will terminate when running in non-interactive guido+pwm@1: mode. In interactive mode it will print an error message and prompt the guido+pwm@1: user for the next command. The following commands are supported: guido+pwm@1: guido+pwm@1: guido+pwm@1: List entries guido+pwm@1: guido+pwm@1: guido+pwm@1: list guido+pwm@11: guido+pwm@11: field~regex guido+pwm@11: guido+pwm@1: guido+pwm@1: guido+pwm@1: ls guido+pwm@11: guido+pwm@11: field~regex guido+pwm@11: guido+pwm@1: guido+pwm@1: guido+pwm@11: List password database entries. If one or more filter guido+pwm@11: expressions are specified, limit the displayed entries to those guido+pwm@11: whose field content matches the extended guido+pwm@11: regular expression regex. guido+pwm@1: guido+pwm@1: guido+pwm@1: guido+pwm@1: Create entry guido+pwm@1: guido+pwm@1: guido+pwm@1: create guido+pwm@1: guido+pwm@1: field=value guido+pwm@1: guido+pwm@1: guido+pwm@1: guido+pwm@1: c guido+pwm@1: guido+pwm@1: field=value guido+pwm@1: guido+pwm@1: guido+pwm@1: guido+pwm@1: Create a new entry assigning each given guido+pwm@1: field to the corresponsing guido+pwm@1: value. guido+pwm@22: If no fields are specified in interactive mode, guido+pwm@22: pwm will prompt the user for the content of guido+pwm@22: each field. guido+pwm@1: guido+pwm@1: guido+pwm@1: guido+pwm@1: Modify entry guido+pwm@1: guido+pwm@1: guido+pwm@1: modify guido+pwm@1: guido+pwm@1: id guido+pwm@1: guido+pwm@1: guido+pwm@1: field=value guido+pwm@1: guido+pwm@1: guido+pwm@1: guido+pwm@1: m guido+pwm@1: guido+pwm@1: id guido+pwm@1: guido+pwm@1: guido+pwm@1: field=value guido+pwm@1: guido+pwm@1: guido+pwm@1: guido+pwm@1: Modify an existing entry identified by guido+pwm@1: id assigning each given guido+pwm@1: field to the corresponsing guido+pwm@1: value. guido+pwm@22: If no fields are specified and pwm is guido+pwm@22: running in interactive mode, it will prompt the user for the guido+pwm@22: content of each field, allowing him to edit any previous guido+pwm@22: content. guido+pwm@1: guido+pwm@1: guido+pwm@1: guido+pwm@1: Remove entry guido+pwm@1: guido+pwm@1: guido+pwm@1: remove guido+pwm@1: guido+pwm@1: id guido+pwm@1: guido+pwm@1: guido+pwm@1: guido+pwm@1: rm guido+pwm@1: guido+pwm@1: id guido+pwm@1: guido+pwm@1: guido+pwm@1: guido+pwm@1: Remove an existing entry identified by guido+pwm@1: id. guido+pwm@1: guido+pwm@1: guido+pwm@1: guido+pwm@1: Display entry fields guido+pwm@1: guido+pwm@1: guido+pwm@1: show guido+pwm@1: guido+pwm@1: id guido+pwm@1: guido+pwm@1: guido+pwm@1: field guido+pwm@1: guido+pwm@1: guido+pwm@1: guido+pwm@1: s guido+pwm@1: guido+pwm@1: id guido+pwm@1: guido+pwm@1: guido+pwm@1: field guido+pwm@1: guido+pwm@1: guido+pwm@1: guido+pwm@1: Display each field of the entry guido+pwm@15: identified by id. If no field is guido+pwm@15: specified, display all fields except the password field. guido+pwm@1: guido+pwm@1: guido+pwm@1: guido+pwm@1: Pipe entry fields to an external command guido+pwm@1: guido+pwm@1: guido+pwm@1: pipe guido+pwm@1: guido+pwm@1: id guido+pwm@1: guido+pwm@1: guido+pwm@1: field guido+pwm@1: guido+pwm@1: guido+pwm@1: command guido+pwm@1: guido+pwm@1: guido+pwm@1: guido+pwm@1: p guido+pwm@1: guido+pwm@1: id guido+pwm@1: guido+pwm@1: guido+pwm@1: field guido+pwm@1: guido+pwm@1: guido+pwm@1: command guido+pwm@1: guido+pwm@1: guido+pwm@1: guido+pwm@1: Pipe the content of each given guido+pwm@1: field of the entry identified by id to guido+pwm@1: command which must be a single argument. The command is executed by guido+pwm@1: invoking the sh utility with the -c guido+pwm@1: option and command as its option guido+pwm@1: argument, thus special care should be applied to quoting command. guido+pwm@1: See the sh guido+pwm@1: 1 manual page for guido+pwm@1: details. guido+pwm@1: guido+pwm@1: guido+pwm@1: guido+pwm@1: Create empty group guido+pwm@1: guido+pwm@1: guido+pwm@1: creategroup guido+pwm@1: guido+pwm@1: name guido+pwm@1: guido+pwm@1: guido+pwm@1: guido+pwm@1: cg guido+pwm@1: guido+pwm@1: name guido+pwm@1: guido+pwm@1: guido+pwm@1: guido+pwm@1: Create a new empty group named guido+pwm@1: name. guido+pwm@22: In interactive-mode the name guido+pwm@22: argument is optional, if it is not specified pwm guido+pwm@22: will prompt the user for it. guido+pwm@1: guido+pwm@1: guido+pwm@1: guido+pwm@1: Remove empty group guido+pwm@1: guido+pwm@1: guido+pwm@1: removegroup guido+pwm@1: guido+pwm@1: name guido+pwm@1: guido+pwm@1: guido+pwm@1: guido+pwm@1: rg guido+pwm@1: guido+pwm@1: name guido+pwm@1: guido+pwm@1: guido+pwm@1: guido+pwm@1: Remove the empty group named guido+pwm@1: name. guido+pwm@1: guido+pwm@1: guido+pwm@1: guido+pwm@12: Generate a random password guido+pwm@12: guido+pwm@12: guido+pwm@12: generatepassword guido+pwm@12: guido+pwm@12: id guido+pwm@12: guido+pwm@12: guido+pwm@12: len=n guido+pwm@12: guido+pwm@12: guido+pwm@12: chars=n:chars guido+pwm@12: guido+pwm@12: guido+pwm@12: charclass=n:class guido+pwm@12: guido+pwm@12: guido+pwm@12: guido+pwm@12: gp guido+pwm@12: guido+pwm@12: id guido+pwm@12: guido+pwm@12: guido+pwm@12: len=n guido+pwm@12: guido+pwm@12: guido+pwm@12: chars=n:chars guido+pwm@12: guido+pwm@12: guido+pwm@12: charclass=n:class guido+pwm@12: guido+pwm@12: guido+pwm@12: guido+pwm@12: Randomly generate a new password according to the specified guido+pwm@12: constraints. The len argument sets the length of guido+pwm@12: the generated password to n characters. guido+pwm@12: The chars argument constrains the password to guido+pwm@12: n from the set of characters guido+pwm@12: chars. Similarly, the guido+pwm@12: charclass argument to guido+pwm@12: n characters from the extended regular guido+pwm@12: expression character class class. guido+pwm@12: Multiple char and charclass guido+pwm@12: arguments may be specified, in which case the generated passwords guido+pwm@12: match all of them. guido+pwm@12: guido+pwm@12: guido+pwm@12: guido+pwm@1: Change the master password guido+pwm@1: guido+pwm@1: guido+pwm@1: changepassword guido+pwm@1: guido+pwm@1: guido+pwm@1: ch guido+pwm@1: guido+pwm@1: guido+pwm@1: Change the master password. guido+pwm@1: guido+pwm@1: guido+pwm@1: guido+pwm@1: Display help text guido+pwm@1: guido+pwm@1: guido+pwm@1: help guido+pwm@14: guido+pwm@14: command guido+pwm@14: guido+pwm@1: guido+pwm@1: guido+pwm@1: h guido+pwm@14: guido+pwm@14: command guido+pwm@14: guido+pwm@1: guido+pwm@1: guido+pwm@14: Display a summary of all commands or usage information for guido+pwm@14: the specified command. guido+pwm@1: guido+pwm@1: guido+pwm@1: guido+pwm@10: Show metadata information guido+pwm@10: guido+pwm@10: guido+pwm@10: info guido+pwm@10: guido+pwm@10: guido+pwm@10: i guido+pwm@10: guido+pwm@10: guido+pwm@10: Display metadata information such as the user who last wrote guido+pwm@10: to the database, the time when the database was last written to, guido+pwm@10: and the host on which the password database was last written guido+pwm@10: to. guido+pwm@10: guido+pwm@10: guido+pwm@10: guido+pwm@16: Display status messages guido+pwm@16: guido+pwm@16: guido+pwm@16: status guido+pwm@16: guido+pwm@16: guido+pwm@16: t guido+pwm@16: guido+pwm@16: guido+pwm@16: Redisplay any error message from the previous command and guido+pwm@16: whether there are unsaved changes. guido+pwm@16: guido+pwm@16: guido+pwm@16: guido+pwm@1: Write database guido+pwm@1: guido+pwm@1: guido+pwm@1: write guido+pwm@1: guido+pwm@1: guido+pwm@1: w guido+pwm@1: guido+pwm@1: guido+pwm@1: Write all changes back to the password database. guido+pwm@1: guido+pwm@1: guido+pwm@1: guido+pwm@1: Quit guido+pwm@1: guido+pwm@1: guido+pwm@1: quit guido+pwm@1: guido+pwm@1: guido+pwm@1: q guido+pwm@21: guido+pwm@21: guido+pwm@21: end-of-file guido+pwm@1: guido+pwm@1: guido+pwm@13: Quit pwm. If running in interactive mode guido+pwm@13: and there are unsaved changes, pwm will not guido+pwm@13: terminate but display a warning message. If the quit command is guido+pwm@13: invoked twice consecutively, pwm will discard guido+pwm@13: unsaved changes and terminate. guido+pwm@13: guido+pwm@13: guido+pwm@13: guido+pwm@13: Quit and discard unsaved changes guido+pwm@13: guido+pwm@13: guido+pwm@13: Quit guido+pwm@13: guido+pwm@13: guido+pwm@13: Q guido+pwm@13: guido+pwm@13: guido+pwm@13: Quit pwm and discard any unsaved changes guido+pwm@13: without a warning. guido+pwm@1: guido+pwm@1: guido+pwm@1: guido+pwm@1: guido+pwm@1: guido+pwm@1: guido+pwm@1: File Format guido+pwm@1: The canonical description of the file format is included with the guido+pwm@1: distribution of the pwsafe guido+pwm@1: 1 utility. guido+pwm@1: guido+pwm@1: guido+pwm@1: Environment Variables guido+pwm@1: guido+pwm@1: guido+pwm@1: guido+pwm@1: LANG guido+pwm@1: guido+pwm@1: guido+pwm@1: LC_ALL guido+pwm@1: guido+pwm@1: guido+pwm@1: See locale guido+pwm@1: 5 guido+pwm@1: guido+pwm@1: guido+pwm@10: guido+pwm@10: guido+pwm@10: LOGNAME guido+pwm@10: guido+pwm@10: guido+pwm@10: The name of the logged in user which is recorded when writing guido+pwm@10: the password database guido+pwm@10: guido+pwm@10: guido+pwm@1: guido+pwm@1: guido+pwm@1: guido+pwm@1: Exit Status guido+pwm@1: The following exit values are returned: guido+pwm@1: guido+pwm@1: guido+pwm@1: 0 guido+pwm@1: guido+pwm@1: Command successfully executed. guido+pwm@1: guido+pwm@1: guido+pwm@1: guido+pwm@1: 1 guido+pwm@1: guido+pwm@1: An unspecified error has occured. guido+pwm@1: guido+pwm@1: guido+pwm@1: guido+pwm@1: 2 guido+pwm@1: guido+pwm@1: Invalid command line options were specified. guido+pwm@1: guido+pwm@1: guido+pwm@1: guido+pwm@1: guido+pwm@1: guido+pwm@20: Asynchronous Events guido+pwm@20: guido+pwm@20: guido+pwm@20: SIGINT guido+pwm@20: SIGHUP guido+pwm@20: SIGTERM guido+pwm@20: guido+pwm@20: If there are changes since the database was last written and guido+pwm@20: pwm is running in interactive mode, it guido+pwm@20: automatically writes a copy of the current database to the file guido+pwm@20: ~/.pwm/autosave.psafe3 which may be used for guido+pwm@20: recovery later. guido+pwm@20: guido+pwm@20: guido+pwm@20: guido+pwm@20: guido+pwm@20: guido+pwm@1: Files guido+pwm@1: guido+pwm@1: guido+pwm@1: ~/.pwm/pwm.psafe3 guido+pwm@1: guido+pwm@1: default password database guido+pwm@1: guido+pwm@1: guido+pwm@20: guido+pwm@20: ~/.pwm/autosave.psafe3 guido+pwm@20: guido+pwm@20: automatic copy of the password database after receiving a fatal guido+pwm@20: signal in interactive mode guido+pwm@20: guido+pwm@20: guido+pwm@1: guido+pwm@1: guido+pwm@1: guido+pwm@1: See Also guido+pwm@26: pwm-clip guido+pwm@26: 1, guido+pwm@26: pwsafe guido+pwm@1: 1, guido+pwm@1: sh guido+pwm@1: 1, guido+pwm@1: locale guido+pwm@1: 5, guido+pwm@11: regex guido+pwm@11: 5, guido+pwm@1: guido+pwm@1: guido+pwm@1: